Submitted URL: https://qmf.dkahsgd.bid/
Effective URL: https://bay789a.win/
Submission: On March 02 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 57 HTTP transactions. The main IP is 172.67.175.118, located in United States and belongs to CLOUDFLARENET, US. The main domain is bay789a.win.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.
This is the only time bay789a.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.18.213 13335 (CLOUDFLAR...)
1 1 172.67.173.146 13335 (CLOUDFLAR...)
1 1 52.21.33.16 14618 (AMAZON-AES)
45 172.67.175.118 13335 (CLOUDFLAR...)
1 142.251.40.132 15169 (GOOGLE)
1 142.251.40.168 15169 (GOOGLE)
3 104.26.11.163 13335 (CLOUDFLAR...)
2 31.13.71.7 32934 (FACEBOOK)
1 142.251.40.131 15169 (GOOGLE)
2 142.250.65.206 15169 (GOOGLE)
1 31.13.71.36 32934 (FACEBOOK)
1 172.67.173.241 13335 (CLOUDFLAR...)
57 10
Apex Domain
Subdomains
Transfer
45 bay789a.win
bay789a.win
2 MB
3 web1s.com
web1s.com — Cisco Umbrella Rank: 384925
7 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
296 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
69 KB
1 bay789.vin
api.bay789.vin
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
185 B
1 gstatic.com
www.gstatic.com
196 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
93 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 short.gy
1ru1.short.gy
60 B
1 oiurptz.co
oiurptz.co
427 B
1 dkahsgd.bid
qmf.dkahsgd.bid
418 B
57 12
Domain Requested by
45 bay789a.win bay789a.win
3 web1s.com bay789a.win
2 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net bay789a.win
connect.facebook.net
1 api.bay789.vin bay789a.win
1 www.facebook.com bay789a.win
1 www.gstatic.com www.google.com
1 www.googletagmanager.com bay789a.win
1 www.google.com bay789a.win
1 1ru1.short.gy 1 redirects
1 oiurptz.co 1 redirects
1 qmf.dkahsgd.bid 1 redirects
57 12

This site contains links to these domains.

Domain
bay789.life
hot789.club

Subject Issuer Validity Valid
bay789a.win GTS CA 1P5 2024-02-06 - 2024-05-06 3 months
www.google.com GTS CA 1C3 2024-02-05 - 2024-04-29 3 months
*.google-analytics.com GTS CA 1C3 2024-02-05 - 2024-04-29 3 months
web1s.com E1 2024-02-18 - 2024-05-18 3 months
*.facebook.com DigiCert SHA2 High Assurance Server CA 2023-12-10 - 2024-03-09 3 months
*.gstatic.com GTS CA 1C3 2024-02-05 - 2024-04-29 3 months
bay789.vin E1 2024-03-02 - 2024-05-31 3 months

This page contains 1 frames:

Primary Page: https://bay789a.win/
Frame ID: CED03D847570035F3A8B6E8014EBF393
Requests: 58 HTTP requests in this frame

Page Title

Bay789 - Cổng game game Bay789 - Link tải app chính chủ , uy tín

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

57
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

10
IPs

2
Countries

2249 kB
Transfer

3631 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qmf.dkahsgd.bid/ HTTP 301
    https://oiurptz.co/XMQIcg HTTP 302
    https://1ru1.short.gy/GCp9No HTTP 302
    https://bay789a.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bay789a.win/
Redirect Chain
  • https://qmf.dkahsgd.bid/
  • https://oiurptz.co/XMQIcg
  • https://1ru1.short.gy/GCp9No
  • https://bay789a.win/
24 KB
6 KB
Document
General
Full URL
https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726e1ef0b1795d1bace5df7db21361933530e7879170507646171bf809dbd344

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85e1d121c80651ef-DEN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Mar 2024 13:43:38 GMT
last-modified
Wed, 21 Feb 2024 02:54:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4506af%2FnM1K7cjHfwlTZBcdxQBh1nUhINta4mey%2FWWrGqzqLZyHCRgj%2BayR1l3LCQENSqfQuTbP5%2FTaHrdsOMmwWI82vJovsgvXXERYXtvRHTSvLnXCN%2BMPzyhnxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 02 Mar 2024 13:43:37 GMT
location
https://bay789a.win/
bootstrap.min.css
bay789a.win/vendor/bootstrap/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://bay789a.win/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2565e-5f44f8009614d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYCf6JeKbEkZexCb0tw3KjAwcHZShstM8NUJ%2FUGuS0FUXc57dt4A%2BG0J90S%2BYb0jvR1%2FY2iYXe947ME4zSgbEKmv2ZaOSYi9Jf7ey5qjXy7V2e85gKhLIODbfoqXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85e1d1251ab751ef-DEN
alt-svc
h3=":443"; ma=86400
all.min.css
bay789a.win/vendor/fontawesome-free/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e359ca2cfecefabc098bd34b95d19106e586c6c5b34d537ebc66da5159e2bcc5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"da63-5f44f800342ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuwA%2BGHXVK4aVkgsNstngA0F9wgK1FpfcHQxMiSrvmoC8DzjwrXZ7NFPNM1pRZtxnfP83gVQYwpN%2B4kDmJv6pmoRioFTed4LTIZEcCE8JnRVy%2B%2F6h9jEFhsN97Ufig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85e1d1251ab851ef-DEN
alt-svc
h3=":443"; ma=86400
style.min.css
bay789a.win/build/
37 KB
8 KB
Stylesheet
General
Full URL
https://bay789a.win/build/style.min.css?v=0.01
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318d50ff136541bfbef15b504d7156561b5030aeda857d7d9dfc06e365c22c5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 11 Feb 2024 15:57:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"930e-6111d38aef61a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNZN%2Bg73jbrnRqmYxGcRV5rOt%2FwNrtJwIt6gfxz4TBKdpjN1IWePZpNT1nkYr9Tdjjz5OA8U0%2B78Wr6DNBfb2KA69RTUODbyY8PBzrsbQyUIhXR67rNY2CxSRX2dig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85e1d1251ab951ef-DEN
alt-svc
h3=":443"; ma=86400
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.132 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f4.1e100.net
Software
GSE /
Resource Hash
793414a5c29820d33c9a6a7120fdbbf4fdbabaf3f3cc0176a53336cc5bb4da5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 02 Mar 2024 13:43:40 GMT
js
www.googletagmanager.com/gtag/
275 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e4ad301eaee5063eebc0c2671447985e6d1bd501edcb1d6dda898579b2d7e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94621
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 13:43:40 GMT
logo-lazy.png
bay789a.win/images/
122 B
450 B
Image
General
Full URL
https://bay789a.win/images/logo-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e417252f34467d4334e13f4158555ff57b466e1eabab452746f88e374b462af5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7a-6082129b11deb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FwHDDRVfBE0aTyUfnWOulIi93Tzi5oOlM5CaYZ1QHc01l9b%2Bbx9MbYjFj66RbbJCQZ7j%2BFeSyOowEQsD%2B6%2Bwl30iyN3uJGEOb2Q%2BxbBIP3PpdcuLQN4BILw2%2Bkq4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d1251aba51ef-DEN
alt-svc
h3=":443"; ma=86400
content-length
122
ico_cursor-lazy.png
bay789a.win/images/
97 B
384 B
Image
General
Full URL
https://bay789a.win/images/ico_cursor-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3b67f12a6015e185e27ad6e1482460671027204f3a66d3161fe59826495bb4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61-6082129a89271"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc72UhVxDuLZW6IP%2FbgNbZA92AKmpZGEKsy8PC5mhN14YTNAKBcP2Y1Zt%2BXBvKBGiUGBHpC3qT1ijwIU6CTH4TsGJ4JJbtr4BVjrkDHcKCDay%2FSoYZI7NQ3aUNC1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d1251abb51ef-DEN
alt-svc
h3=":443"; ma=86400
content-length
97
btn-lazy.png
bay789a.win/images/
111 B
565 B
Image
General
Full URL
https://bay789a.win/images/btn-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a631803f69fb9e85c0f402fac198111a226a1ae979a23317772414a18dffbcf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6f-603386e21d6e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl%2BPWxzLaqmW%2BhMQwPGMrtzYBCKWRdWaq9Y9U86GQRRGe2o8HpADXqA6PdA0QBIZ9ZixqN8pZ2pDUT%2Fpf5aOOYtbeZXUuTttB%2Fe%2FGYXoCOzK14zITm7VisjJ%2BeJ%2Fjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d1282e5d51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
111
btn-dl-lazy.png
bay789a.win/images/
116 B
597 B
Image
General
Full URL
https://bay789a.win/images/btn-dl-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:39 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74-603386e2e7556"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWUDG8Ay2bDDjnI%2BRii2lmyLSj%2B5LheEmj37Um5ApBMZ19kL4hfjEO0yfevOfKvG93V0sbpC27RiGoHxmdciAt3UrQn1c8uzn0A47jrL09RtgdrVozx%2FzEMdBz7Htg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d1284e7051e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
116
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEvleWZR5xllQ8LRbupdi2J0Azuw4bhW%2BDQIsRv3XR19mNBLMosfRI5%2FUt1JT3DEh28ou8guke0Bh86AVt6LK0JkELuy7idLn%2FdrTZMpOZCqMUaPMpAhntZJ6fHT8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129afce51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaY%2F9n45CqWuGSrf5eg1Oe5Y9y%2FXGSprCXd3uWp0ulsqURBJDyt65rHhxCOSwFNdx2yrWrGdvdSQTvrQ%2B2xoIxEJp9qDYOSx08v87Ue9vzRI6eIObtqsC4kR9GesLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129afcf51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
22459
site-d-v3.js
web1s.com/
9 KB
3 KB
Script
General
Full URL
https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Fri, 29 Dec 2023 08:44:03 GMT
server
cloudflare
etag
W/"658e86d3-229f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSGR8s%2BevBK6UOltkhLThbDVrGQO1OfvkxQuiW%2FJLka7mjfAK1%2Fp8Eu7BYuJwuqe96OOiv1DZ9Q5m12Xoq%2BpptMKe725dGYhvZRDudJ6ZAYp7VpcgQNBOY08eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
85e1d12a89c3516d-DEN
expires
Sun, 02 Mar 2025 13:43:40 GMT
title-thank-lazy.png
bay789a.win/images/
101 B
554 B
Image
General
Full URL
https://bay789a.win/images/title-thank-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34070a4dcb37f5af80ee075a46198ce98021c2d701bdb85df9865dc91ffa628c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65-6082129b5b5af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nWufXwFl%2BlN1R3jry%2F8UIu4vla2%2BEbbPqldybFMqOq40EZkLGQ4X0aSkJuUC%2FQD%2F4oPG1OYrPIcaTFF2ZxGrLeitZ%2FVOVm0GJ5MVKz5N1BXo0cLMLPJhWhbGfc%2FxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129afd051e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
101
lable-thank-lazy.png
bay789a.win/images/
99 B
546 B
Image
General
Full URL
https://bay789a.win/images/lable-thank-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487baef74423b686b7e758257b8559065e560ea8d62fde1ee58553f5afb05f01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63-6082129aca94e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xH%2FXO6kHj3ruhgEQHnFThuXA%2BNKgXXcmytoZOqeo1tod4iIGwSrkqGCjKYlHhy6SWo20EhF9v0MepNbAU43vtW7ixeKlqcht0Bjl96BUSCb%2B1uA8%2Bn9f6rDQSSomfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129afd351e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
99
dacotaikhoan-lazy.png
bay789a.win/images/
103 B
557 B
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea48692d33c6e8a28bddd92f3f2bf271dfe4ba3b2bd9e1121ba4cc3723654074

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"67-6082129a300ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B310zlvmqFQ8oMbLOyfeBMNz6JmE%2F7ZzksucMPUnD2B1sun3u849VckIT0iS968i7NcNvUCaIW6y3aWBPnyENP4LW0K1F4Sg%2BM1RCGdAJu8%2FvgksIzKvQJnKXgP42g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129afd451e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
103
adv-lazy.png
bay789a.win/images/
116 B
569 B
Image
General
Full URL
https://bay789a.win/images/adv-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa289f775f06f2466ab2cc95715d3757a6acaf67c4b049f46a4256d5c77e6368

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"74-60821297d0a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8EQ9YaTExiMRkYebgAfAGYEL2Mka6D%2FF%2BaEGhMOwIP99WkOHQnpF%2Fm6N882tYVpPkMF5DcOYnkdGij3371DiuRsqK1MMWq7zCcDak6x8MXrII9Zt8vOZ4mtFbK4wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129dff451e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
116
loading.gif
bay789a.win/images/
2 KB
2 KB
Image
General
Full URL
https://bay789a.win/images/loading.gif
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"663-6082129af8b94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPXkuy1xheSAZhKeKVvTKe4qAVefmvWUl5B1qWkCwrwVMPpEZRhmAkvAhkmMDhicWfIqVXigwUA%2FDOeymkK5gAyPXxlRQir5DieLstfmS%2FbpRVJ6ZkiLtg1ia%2Ba10g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129dff551e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
1635
banner-lazy.png
bay789a.win/images/
131 B
582 B
Image
General
Full URL
https://bay789a.win/images/banner-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"83-603386e1c0a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BfBWIm45zlBtjPGFYSYM%2FHN%2BAujlPz7NZwplTarzygSX9hLl%2BfNR9zgTr1RiRaXcTCQrnGFOYnLwQekRs2dK3TpMywpiKKALHEIdeBetnz1mHeZqB%2FmDrggpJOnGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129dff751e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
131
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwE%2Bmur7rGsJTow4Hvw0wsujVBKD2S7hwW11jgrutv0pig8glarO%2BrbJb4iRxSwcJ1r0bjqAfYlEG4FVb1NIxbXgUnCOZwjxqjRDP7zOF7XrnnkKkNu5aDrmuc%2F%2Beg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129dff851e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
20715
icon-close-modal.png
bay789a.win/images/
778 B
1 KB
Image
General
Full URL
https://bay789a.win/images/icon-close-modal.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207690f1446160c8b7bc552b2b2ec87e5e93db3dcb280d2d72cb23cda8237f4b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"30a-6082129ab595f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfaQXZQWQadNTvCAI%2Bx7f%2BxDIdnRD2ipbsUNOX5CpagN7z3heamWYBWezWW8T7HvaOwQNyNDuVHQFJXsX%2FBvrDgSAKn303igCxNb7TzyAN4asGSJLOJtkGZe%2B%2FfTXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129dff951e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
778
app.min.js
bay789a.win/build/
462 KB
106 KB
Script
General
Full URL
https://bay789a.win/build/app.min.js?code=2.0.9
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3deace57e96be5167849d1a6cd9af8d7f8308e7a572896166f13b84cdc611da

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Jun 2023 16:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7363c-5fd13d34a5823"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd5IUQL1vMkiYU1ZhpDmzgtYKgn3A2xgTgP7PhaPt4qdbM%2FmNsnM2jHGlc%2Bmr1UMKwIPOOJ%2FVILkWk4osoYCHE6%2BmO9%2F4SoaVr3NiERK73AtRMRNoHwCfxVqV4MeZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85e1d129afcd51e5-DEN
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
215 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 13:43:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
3yjelcfJHO0mcIJLszGl6ixoegW9MC+iNklbIhEX5yCd5XjkuGa8WWZnsEXP8irRhJ8ALucQStaprP8HS9yZxQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg.jpg
bay789a.win/images/
273 KB
274 KB
Image
General
Full URL
https://bay789a.win/images/bg.jpg
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4c2d9267790ec5d7dec9abff6cadd80a62c703939e750c238eaee42b24d061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bay789a.win/build/style.min.css?v=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44505-6082129927e2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBODIYK2ckZn5vnrkciBoipP2DA5%2Fnje%2BzQR9x2i9eJc%2FJ9mFQTiPfwM2i3WJghq4bzLmCvWI9mMbRa%2BCgWu4TgjissHNRaPR4pQf%2FbEBYgaDe8yXINVXiX2wJhPWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d129dffb51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
279813
Montserrat-Regular.ttf
bay789a.win/fonts/
240 KB
102 KB
Font
General
Full URL
https://bay789a.win/fonts/Montserrat-Regular.ttf
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer
https://bay789a.win/build/style.min.css?v=0.01
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 10 Feb 2023 02:46:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3bfcc-5f44f7fd4824f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6160pEprS0uzvruxBzhHBpzRtci42HwID0EOtM6U1qQ5CckGwlPWQSWCfAZM5NrYg%2FisEUC2da54s0QM3EoeuP8NvJqcvRjV9WIe1KKDBnJ5N7%2Bl2JXe%2FPZOpEUIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
cache-control
max-age=14400
cf-ray
85e1d129dffc51e5-DEN
alt-svc
h3=":443"; ma=86400
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/
492 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 12:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Mar 2025 12:44:38 GMT
1867070730413868
connect.facebook.net/signals/config/
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1867070730413868?v=2.9.148&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
9dcb5ea28b5c325f5bd77c6a988d84282a14fe7db09ddb0ef8fc9fa89e1bb340
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 13:43:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
7aSzWRrB283eVnKsQ9HDv6SyeapwGOCjXfE0P42d/5b0LK643GkB9kTvvDXPvzlORVV3GPaFHLGpdRxisYTBYw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je42t1v9102164222za220&_p=1709387019748&gcd=13l3l3l3l1&npa=0&dma=0&cid=2057674180.1709387020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709387020&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3356
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 13:43:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay789a.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon-x64.png
web1s.com/
2 KB
3 KB
Image
General
Full URL
https://web1s.com/icon-x64.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332438758fba3596e0984e46fe72ba7837b731530a477d78344e2bbf258ace71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1205119
content-length
2279
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 03:50:12 GMT
server
cloudflare
etag
"64e824f4-8e7"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUrB85MPXA7Li1R%2Be6Watj%2BAHML4P6tFm8yo%2F8kX62gNphj5RQoTYJ6mebaNDSkFF7uUaXDWHAO%2FQOSX0Z2CsbxsIsdv1bwfMEcDKR4UX6MjJm5VT19EI7vfnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85e1d12d8b15516d-DEN
expires
Sun, 16 Feb 2025 14:58:21 GMT
btn-dl-lazy.png
bay789a.win/images/
116 B
561 B
Image
General
Full URL
https://bay789a.win/images/btn-dl-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc09df391637a4b5ef7a097e843756be49d84cb56940f1f7ab9789043e32fb3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"74-603386e2e7556"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyjMR8qZ8MDWZKcO5sIiGa6x9cjJge7jhBjvjcdpe2ovhFJTlbrEYYvthYM1xNkTf6Oamc0jZIxVXKmN2etzKvpUhnums4tSCA9NWMxtwgtlFyd%2B9S6xm1Pk6AGO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d12d8b9051e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
116
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaS853tamBurbRG%2BB%2BLbaU8p68sYzeA72RcNEV7ur0b1xHeY6NXz4ZZ0hQ0ab%2F4MgVzULfhSfXvH6ZlNj6GfLV%2FqLOFj%2FDEuh87jFBFSRqIbWascdEVNYu%2F8ZIeuNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d12d8b9251e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AOOdj4eJdSW4wyWuFT%2FdNRjQbfVvXmHVt6uPuly8GtHGKVB2rH3qfI0y6UH81vzt%2BU%2FDFLySSQ4xOp6dTWxSkvZ0hp6MBF%2BnFtbHNVKWZbf1k11MudJtke9D7TA7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d12d8b9351e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
22459
site-d-v3.js
web1s.com/
9 KB
2 KB
Script
General
Full URL
https://web1s.com/site-d-v3.js?id=7YiQMzv2YZ
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fa9abc6125f5c6f0719c455be4153ea7e833da54405d54c3e4cde6458f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Fri, 29 Dec 2023 08:44:03 GMT
server
cloudflare
etag
W/"658e86d3-229f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnCcE8zDQkwhTkqj%2BEUwv625PhYIC5pXMNnw15I3Y9ELnbqE5x6pgpa4O1duXYc7Mq%2BU34kUrJd2mLFFfmjWgqrRQc%2FUPM59ZdZpNm%2FqQm58FqGE9nUWMGPKUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
85e1d12d8b17516d-DEN
expires
Sun, 02 Mar 2025 13:43:40 GMT
banner-lazy.png
bay789a.win/images/
131 B
582 B
Image
General
Full URL
https://bay789a.win/images/banner-lazy.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efea4213d809acd738959d8f2a0ef9b79904f346c4ea2939588f4720d36995a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:40 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"83-603386e1c0a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbDjAPFpj6HlepXZO1YE6OYt8MbdGjdRk%2B8PWAA0m3TqB%2BBH9PopxXNsvYnZOW3IDzSWZ%2F6vbzvYAmqGyurjF3CZnByY92L3jqjwuVIKQql56DBscSzSHMVJZhh%2BPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d1301e1e51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
131
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1867070730413868&ev=PageView&dl=https%3A%2F%2Fbay789a.win%2F&rl=&if=false&ts=1709387020817&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709387020812.2036838371&ler=empty&cdl=API_unavailable&it=1709387020194&coo=false&rqm=GET
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 13:43:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bg-notifications.png
bay789a.win/images/
2 KB
3 KB
Image
General
Full URL
https://bay789a.win/images/bg-notifications.png
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/style.min.css?v=0.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df49bced34914555fda7f71515665bc08d5b2e0fd77f4f54bf23e9999d0a264

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bay789a.win/build/style.min.css?v=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"952-60821298dd2de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1JybY0hGRJVryAN9oac1XtV4bQjxasyrhmk6u6N3u0tC5%2FMhIDG%2BqhlKdAtNf9r6RvDYSU%2BC9yHmeMju8%2Fqk8iReJmNAWtVR7zdj%2FZrFd%2B4McURJ%2FzPSzo8cJ%2FRyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d1304e4651e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
2386
id
api.bay789.vin/
5 KB
5 KB
XHR
General
Full URL
https://api.bay789.vin/id?command=getCaptcha&sessionId=
Requested by
Host: bay789a.win
URL: https://bay789a.win/build/app.min.js?code=2.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.173.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16bd0aeb1a40ff5bfa7a4199f473b5f71c62d5ec4d484a21d03a00a347121f21

Request headers

Accept
*/*
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnH0fyeU8WTsrgTijIiHer9oP6Nf7oFYF5Rara99C8k9XllpzLoJ9uR4who9yhgHMDwgJjU4TFjvkqpJ2JiyYKPltR67oX%2BCUVhyUdy41ByukaEl%2FCaqE%2FtnnjK3Kbkp%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85e1d1333a951f3d-DEN
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
alt-svc
h3=":443"; ma=86400
logo.png
bay789a.win/images/
129 KB
129 KB
Image
General
Full URL
https://bay789a.win/images/logo.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b42d66ad184fbef6843e86f9a8c0734289798ecb6cbfbc84213390fcba7ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:42 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20234-6082129b2cb9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FbEr2cASnolulVGscSwU7h1%2FoxQTy9d%2BolQP%2FbxQ47vTDauWOC%2BJ4sIPT%2FiKVM7V7EvFJWUUieOKiHj05DyHkEcJu3OCkGl1%2BSpf%2FvX%2BOI5ywQUqRCjS8HrBUrv6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132b93051e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
131636
btn-dangky.png
bay789a.win/images/
7 KB
8 KB
Image
General
Full URL
https://bay789a.win/images/btn-dangky.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45af05120053dbf111aad377fe0406bbdb06430ce46839b9fed78dfff92e0905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d86-603386e3032a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBlP2aq9plddp5sA0E3NbbR3u7rH7l5Ck4osj9asHjtAk%2FqbDoaHXbu%2FGEMHqM48FoJbgNOkcpuGSJFiitgiu0CofbecGwgSVRzxipfmMNpuVt9gaB0VUSKNn3Qwfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132c93351e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
7558
ico_cursor.png
bay789a.win/images/
2 KB
3 KB
Image
General
Full URL
https://bay789a.win/images/ico_cursor.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86f459389a67645deabdf55ea8848448ddf09e465c485a410aaccf54c8c0f91

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"846-6082129a97cd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDwomAEmViboMmA4m25kdErB%2BpS%2B4t5HBNDV2oyVMfrOMsYWeVdrKwYDHU6bp8l1hAtM%2BiZsiLxfGjnUCIF3AeZX6RXBNU4IuLRQkD1lYR7x8AVNpaUcmCT01%2BuhuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132c94151e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
2118
btn_quick_play.png
bay789a.win/images/
13 KB
13 KB
Image
General
Full URL
https://bay789a.win/images/btn_quick_play.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9382517db0c231c1885ae27ee85fbf5752b74fb0cdd6f1b14486616546a2ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32cd-603386e2d9e7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BsLAGgfa7cTtGwMRUgexyxZRL3rrMXupRKOLKqDTz8rSjzEAzsQlLFYyvaDgSXWWDhIKRlE8VAVRNR7G09bZyoOj2ATcTANHY4dWHKMDDw4Wum3aHjXBFgxd2vW6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132c94251e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
13005
ic-tele2.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-tele2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf81870dcc78113af11dcbabaf8f3dc73a65ebb7db0392e2410f9ce885e1af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"563f-6082129a6bdb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4%2FE6nwZ1h5wL8ptpCVxbj11GvKHf0ZLxiPdZrMkGnzz%2F3zr23VYgbDOQwfrd25GveRNffEhzWCfOgr4UM3vWXfVitBPtN0W6uhmQVGOboqP8u6pm0PPDljZ19fhyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132c94451e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
22079
ic-fb.png
bay789a.win/images/
22 KB
22 KB
Image
General
Full URL
https://bay789a.win/images/ic-fb.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15acd6dcda92d2c4b19ddb3a132eee05e76a8c5103fe6fd677ddc6b4bdae077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57bb-6082129a5cb83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UB4OAZkzaVhAMAGNjMNFcwRRkLtbOTRUlVNCVuD%2BnC37cbX%2F8TczW%2BcLTctlxBiY87c3ETr8cN4xXHRzpmcDl%2FZX6592j6omBC5QDi21g9ct0%2FrIeeNCpHf9YNo2tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132c94551e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
22459
title-thank.png
bay789a.win/images/
4 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/title-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3b34302ef4c78b6b5dda32237f9974f535231627f36e3cbc5f49f81091797c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ece-6082129b7153e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z7AmrFa7S9KeSUbX3SYHjExpERGIIaSUpUhzBMNfzzh%2F6KICCllfiad8%2FPGqdmUBULzs7qw9fQDm%2BNFKQWQi%2BdaiPIf%2BL4e7CM3tRslcuy4ePyVRyVcEZQGDkRwVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d94751e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
3790
lable-thank.png
bay789a.win/images/
3 KB
4 KB
Image
General
Full URL
https://bay789a.win/images/lable-thank.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed80f76d7037c310d337042c71c3d74824b732656dde704377f712a9fdd2cedf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d30-6082129ae2c05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Fq6SshWX3j6djlHL%2F%2BhQy0iRYgCE%2BtCpdjPOc4Qch6zj%2FjPrK5WB%2FUx9T7jls18Tq59qK35t4X0BKGeidn1kQeIFYjLPfCfeATP7k5dQHY0wYIdVH0%2F88AebhpWqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d94851e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
3376
dacotaikhoan.png
bay789a.win/images/
1 KB
1 KB
Image
General
Full URL
https://bay789a.win/images/dacotaikhoan.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e09d29a76bddc43a334e00ff41e7d1b083e3dd5ff82d9d8d3fb4166250a4943

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 20 Oct 2023 07:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"419-6082129a3eb0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xuEWRJFJkWzIiTj5SwMuVRcYS0U4eLIezWhWIPqecb%2B8GzIOpZvuMCsHX%2FUHxr2aaNaRDFZ8yqGjxqpwHRhQRd7tLgIowbLzlvrdKulE9QqGGqUN%2FPL285ekXdo6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d94a51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
1049
adv.png
bay789a.win/images/
24 KB
25 KB
Image
General
Full URL
https://bay789a.win/images/adv.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75cc1d00a6a9bfc6e77a8954eda2dbfa884ff36a1648ea6e15acd7fa579f37e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"615e-608212988394a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV65FBNwvqhH9XcccYsjfnOSU7uiZw8XlCBze4NleyQ%2FhunCds1VvLMnsZFFKT4ZxSy8%2FmRZnEPhukfATS5XzVAfBLJfWzXDmrLevdPdZjlt8ORmZxKv8SI%2BYUIZeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d94c51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
24926
btn-android.png
bay789a.win/images/
46 KB
46 KB
Image
General
Full URL
https://bay789a.win/images/btn-android.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de92cf3a7a02e084c9616644ca77ec4ab0da4a9407eb2a262deff43b9258d279

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:42 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b641-603386e2787eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8OLOyLrd1ewwCkXJkB9yena%2Ft9a3CYm2RibkHZkXU5T7F4eoZDgpTvdgMTBaw%2ByjbboiJ5xpD4QdDngnw5I9sbxLE2l7b1dsWUzi3%2BRsKmGvnA%2BGKoXXOjSDSV%2BxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d94e51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
46657
btn-chPlay.png
bay789a.win/images/
46 KB
47 KB
Image
General
Full URL
https://bay789a.win/images/btn-chPlay.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f5636bfd9fa8a2928b34d0fbbcec86f067df0398529a2474525e4894ebab15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:42 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b9d9-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TC7JoC9xJEd1gqiWX5gq1mks5DWXh9cauHwHdbaKUwipCaeUBBCQSKNh58I7fZtOkfy%2FSct1ocAUXQP2sbZxq4t5u5beUL6Ee%2BrHN9kOvTxAXw3bH12xDHW8O84kVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d94f51e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
47577
btn-ios-appstore.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-ios-appstore.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c19f0353dc8c20a6efa26545b5445724c2228a2c784826f39d18cae91b2112

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:42 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eab5-603386e1f7d59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6LUYRjwnORs64Imj1YG3L3jjnO6cCQm2bne8ca9aNdPjjd75%2FozlbnvASjASnaiqrd6ZzsbZ0gyG2wL66GfzbuLBK68SQcXdmhUIn19GbqEPaD4g%2FEYqgE%2BPyBwsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d95051e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
60085
btn-signApp.png
bay789a.win/images/
59 KB
59 KB
Image
General
Full URL
https://bay789a.win/images/btn-signApp.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c559698c4462e40e896c80d2792e945414e1e4055bfaf8dfc2a9639de51a0bdb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:42 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eaec-603386e2d9a97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNrLDWz6X7y02rJ4458v8WzHrIXFuHJ9S7H5HpPaaS%2F0NQnF0S8PYReqQihmT17vIYqCEjLEwHEe6yNiNU3Rpy6e4EJ4DoXjF6VyKKo1kJ9ho%2Fqs%2Fy6mT5vKzGWAqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d95151e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
60140
banner1.png
bay789a.win/images/
291 KB
291 KB
Image
General
Full URL
https://bay789a.win/images/banner1.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd7e08d911b0d4bae88b6c8ba47c538617781c3aded9e3d68da8715b8fc0589

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48b02-603386e268234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMo1I%2BkvCc7skEqDEsSMbVtpMi3q%2BwD6tVRMU6QmCzumoSnBZRUgi7Cq6aiU%2BWQ11L4x1YTeYlWok5xmMUAMdTT%2F8SbqdVaENDEr%2BdcBdh8Q25SsmIVH6U1VUO26uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d95251e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
297730
banner2.png
bay789a.win/images/
248 KB
249 KB
Image
General
Full URL
https://bay789a.win/images/banner2.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f22f7cb282f43f48560881bc5c24f6fbb04cb0bb5f7070e8165d09e8e458e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:42 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3e18c-603386e259bbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YO086Tfuf%2FdO01I0Lk27m8IVtB5oKvm5kXvJ5bKlqO0SZ47L1h9dgVWlnRAajJT1GFq4Iwj21uwqeOkJZ%2FCxQTQKOr68qeR%2FoTEM8w5QYO%2FsL8bVOK9lP0XHWSO3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d95351e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
254348
banner3.png
bay789a.win/images/
206 KB
207 KB
Image
General
Full URL
https://bay789a.win/images/banner3.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52a15b1a645a1c8e7df326b002ff09b51232a39551e4e1f4fce853325dbf33c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Aug 2023 20:32:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3394b-603386e25e20d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skT%2F3SUwXbdZPY6xq7q%2FBuPIbXfMXRVu1sc4J8NOaZ0F5QXRGA7A7ZMWaDDXVQyfqMZec%2BG7blFvDfxlmoGaXGz526y%2B4kYlyOaUeTYqvUMKnr7SeM9KX095bjte3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d95451e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
211275
taigame.png
bay789a.win/images/
20 KB
21 KB
Image
General
Full URL
https://bay789a.win/images/taigame.png?v=2.0.8
Requested by
Host: bay789a.win
URL: https://bay789a.win/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991ce01a432700ecb66347ac75278c5236950f8773c9b390421d5611b1c79347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:53:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50eb-6082129b461d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqRlV0J%2F5luoEQVZFOI9mVyPiXWVK%2Bnlm%2BCyhaXn6TkzlfvWKpTjctlHXrv6XfMC5xcoea1w7YN2Ao%2FLCclu%2BWjD8kJ63M6J0M0llXBg4BJAb51f9cewGFosDs1dQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85e1d132d95551e5-DEN
alt-svc
h3=":443"; ma=86400
content-length
20715
fa-regular-400.woff
bay789a.win/vendor/fontawesome-free/webfonts/
13 KB
14 KB
Font
General
Full URL
https://bay789a.win/vendor/fontawesome-free/webfonts/fa-regular-400.woff
Requested by
Host: bay789a.win
URL: https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://bay789a.win/vendor/fontawesome-free/css/all.min.css
Origin
https://bay789a.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 13:43:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 02:46:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"350c-5f44f800e3f61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzbHi2U7G7oW45RDZwqvVNqoqF%2FOlSqcmMKLfdCayivptGyzYAMUJfNPnzsscLKlW0oLjxyLiWYE4s0eZPQ5qNgbZVh4UEE6uV3iIDAJv5eF6W4jE7FNF5CNi05MtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
85e1d132d95951e5-DEN
alt-svc
h3=":443"; ma=86400
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27bc4458dc039c76abddd01307cbfc2b0e92bd3abb9075471e7c9d08df9786

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VRM7WDM4CZ&gtm=45je42t1v9102164222za220&_p=1709387019748&gcd=13l3l3l3l1&npa=0&dma=0&cid=2057674180.1709387020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709387020&sct=1&seg=0&dl=https%3A%2F%2Fbay789a.win%2F&dt=Bay789%20-%20C%E1%BB%95ng%20game%20game%20Bay789%20-%20Link%20t%E1%BA%A3i%20app%20ch%C3%ADnh%20ch%E1%BB%A7%20%2C%20uy%20t%C3%ADn&en=scroll&epn.percent_scrolled=90&_et=16&tfd=8375
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRM7WDM4CZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 13:43:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bay789a.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| fbq function| _fbq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa number| isAction function| onPlayWeb function| onSupportFB function| onSupportTELE function| onDownloadAndroid function| onDownloadIos function| onDownloadSignIos function| onDownloadCHPlay string| refCode function| playWeb string| v object| iv object| key object| conf string| wg function| onRegFrmSubmit function| onLoginFrmSubmit string| aff_id string| app_id string| userAgent object| sessionId boolean| isMobile object| notifications boolean| isIPadPro boolean| autofill function| receiveMessage function| updateActions function| clearBGAutoFill function| lazyLoading function| onLogin function| onLoginFB function| onLoginFbSucceed function| onRegister function| onNotifications boolean| getRankNano number| rankTimer function| getRank function| onStoreRef function| $ function| jQuery object| bootstrap function| Fingerprint2 object| CryptoJS function| UAParser object| recaptcha object| bay789 function| getFormData function| getCaptcha

3 Cookies

Domain/Path Name / Value
.bay789a.win/ Name: _ga
Value: GA1.1.2057674180.1709387020
.bay789a.win/ Name: _ga_VRM7WDM4CZ
Value: GS1.1.1709387020.1.0.1709387020.0.0.0
.bay789a.win/ Name: _fbp
Value: fb.1.1709387020812.2036838371

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1867070730413868?v=2.9.148&r=stable&domain=bay789a.win&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
